Privacy
Privacy Policy
How RoboShift Lab collects, uses and protects personal information. Effective and last updated 10 July 2026.
1. Introduction and scope
RoboShift Lab ("we", "us", "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, retain and protect personal information when you visit roboshiftlab.life, contact us, or engage our manipulation and automation engineering services. We are accountable under Canada's federal Personal Information Protection and Electronic Documents Act (PIPEDA) and, for British Columbia residents and BC-held information, the provincial Personal Information Protection Act (PIPA).
This policy applies to information collected through our website, email, telephone, in-person meetings at our Vernon Drive studio, and project documentation. It does not cover third-party websites linked from our pages; those sites maintain their own policies.
2. Accountability
RoboShift Lab is responsible for personal information under our control. We have designated privacy accountability to our operations lead, reachable at [email protected] or 150 Vernon Drive, Suite 105, Vancouver, BC V6A 3P5, Canada. We train staff who handle client data on confidentiality, least-privilege access and incident reporting.
3. What personal information we collect
Depending on your interaction, we may collect:
- Contact and identity data: name, job title, employer, email address, telephone number, postal address.
- Inquiry content: messages you send via our contact form, attachments you choose to share, and records of correspondence.
- Project and technical data: production details, line layouts, photographs, videos, CAD files and commissioning notes supplied for engineering engagements.
- Website usage data: IP address, browser type, device characteristics, pages viewed, referring URL and approximate region — collected via cookies and server logs as described in our Cookie Policy.
- Billing data: invoicing contacts, purchase order references and payment status. Payment card numbers are processed by our payment providers, not stored on our web server.
We do not intentionally collect sensitive personal information such as government identifiers or health records unless you voluntarily provide it for a specific engagement and we agree in writing that such collection is necessary.
4. How we collect information
We collect information directly from you when you submit forms, email us, call our studio, meet in person, or sign contracts. We collect indirectly when you browse our site (cookies/logs) or when your employer shares contact details to initiate a project. We do not purchase personal information lists for marketing.
5. Purposes of collection and use
We use personal information only for purposes a reasonable person would consider appropriate, including:
- Responding to inquiries and scheduling cell assessments.
- Proposing, negotiating and delivering engineering services.
- Managing safety documentation, commissioning records and training attendance.
- Issuing invoices, processing payments and maintaining accounting records.
- Improving website performance and content through aggregated analytics where consented.
- Complying with legal, regulatory and insurance obligations.
- Protecting our rights and the security of our systems.
We will identify additional purposes at or before collection when not obvious from context. Contact form submissions require explicit consent via the consent_pipeda checkbox before we use your details to respond.
6. Consent
We rely on meaningful consent. Express consent is required for contact form processing and for non-essential cookies. Implied consent may apply to follow-up communication reasonably related to an inquiry you initiated. You may withdraw consent for optional processing at any time, subject to legal or contractual restrictions. Withdrawal does not affect prior lawful processing.
7. Limits on collection and use
We collect only information necessary for identified purposes. We do not use personal information for automated employment decisions about you, for sale to data brokers, or for unrelated direct marketing. Engineering files you provide remain your operational data; we use them solely to perform contracted work and maintain records required by law or agreement.
8. Disclosure to third parties
We may disclose personal information to:
- Subcontractors and specialist fabricators under confidentiality agreements when required for tooling or integration work.
- Cloud hosting, email and analytics providers that process data on our instructions within Canada or jurisdictions offering comparable protection, with contractual safeguards.
- Professional advisors (lawyers, accountants, insurers) bound by confidentiality.
- Authorities when required by valid legal process or to prevent serious harm.
We do not disclose client production secrets to competing manufacturers without written authorization. A list of primary service providers is available on request.
9. Cross-border processing
Our preference is to host and process Canadian client data in Canada. Where a provider processes data outside Canada, we assess risks, implement contractual protections and notify you in project agreements when required. You may request details about storage locations applicable to your engagement.
10. Retention
Contact inquiries: up to twenty-four months after last meaningful correspondence unless a project follows. Project files: duration of engagement plus seven years for engineering and tax records unless a shorter period is agreed in writing. Cookie consent choices: six months, then re-prompted. Server logs: rotated within ninety days. When retention ends, we delete or anonymize information securely.
11. Security safeguards
We implement administrative, technical and physical measures appropriate to sensitivity: access controls on project folders, encrypted transport (TLS) on our website, workstation disk encryption for field laptops, and locked storage at our Vernon Drive suite. No method is perfectly secure; we maintain incident response procedures to contain, assess and notify affected individuals and regulators when required by PIPEDA or PIPA.
12. Individual access and correction
You may request access to personal information we hold about you, challenge its accuracy, and request correction. We respond within thirty days unless an extension is permitted. We will explain any refusal with reference to applicable exceptions. To exercise rights, email [email protected] with "Privacy request" in the subject line.
13. Complaints
We invite you to contact us first so we can resolve concerns. If unsatisfied, Canadian residents may complain to the Office of the Privacy Commissioner of Canada. British Columbia residents may also contact the Office of the Information and Privacy Commissioner for British Columbia (OIPC BC). We will cooperate with regulator inquiries.
14. Children's privacy
Our services and website are directed to business and engineering professionals. We do not knowingly collect personal information from individuals under sixteen. If you believe a minor submitted data, contact us for deletion. Parents or guardians may reach our privacy contact to request removal of inadvertently collected information.
15. Changes to this policy
We may update this Privacy Policy to reflect legal or operational changes. Material updates will be posted here with a revised "Last updated" date. Continued use after posting constitutes notice of the change; where required, we will seek renewed consent. Previous versions may be archived internally for compliance review upon request.
17. AI, cloud vendors and sub-processors
Some engagements use cloud simulation, version control or communication tools that may process metadata or file attachments outside your facility. We assess vendors for security posture and contract terms before uploading client data. Where personal information of your employees appears in commissioning videos or access logs, we treat it under the purposes described above and limit retention. You may request a sub-processor summary for active projects. We prefer Canadian hosting where practical and document cross-border transfers in project agreements when cloud regions fall outside Canada.
18. Breach notification
If we become aware of unauthorized access to personal information under our control that creates a real risk of significant harm, we will notify affected individuals and regulators as required by PIPEDA and, where applicable, PIPA. We maintain internal playbooks for containment, forensic review and corrective action. Notifications describe what occurred, what information was involved, steps we are taking, and how you may reduce harm — without undue delay consistent with law enforcement needs when an investigation is active.
19. Contact and Privacy Officer
Privacy requests and officer correspondence: [email protected] · General inquiries: [email protected] · We respond to access requests within thirty days where practicable.
RoboShift Lab · 150 Vernon Drive, Suite 105, Vancouver, BC V6A 3P5, Canada · +1 (604) 336-7150